Hi, You are correct regarding the 5.19.x and 6.2.x branches. While direct pushes are restricted, the required review count is currently set to zero, as seen here: https://github.com/apache/activemq/blob/main/.asf.yaml#L53.
I agree that we should maintain consistency across all active branches, and I am happy to update the policy accordingly. Regards, JB On Tue, Apr 14, 2026 at 8:48 PM Christopher Shannon < [email protected]> wrote: > I am in favor of this in general because anyone that's been a > developer for any length of time understands code reviews are a good > thing. It helps to catch mistakes and is always good to get a second > pair of eyes on a commit. There really isn't any time where you would > need to directly push. The only time it's a bit annoying is for small > fixes or updates but that's not a huge deal to ping someone for an > approval. > > I also like the workflow because it means we never miss documenting a > change and it will get included in the release notes. With no more > Jira, we can just open up PRs now and those PRs become the issue. > While we always have an option to create a separate GitHub Issue, just > using the PR to document the change is nice. > > I also think that it's informative and very telling that it's been 3 > months and none of the active contributors using the workflow have > complained about it, so I think everyone is pretty happy with how it's > gone so far. > > One thing I noticed is that the 5.19.x and 6.2.x branches do not > require approval (you can just create a PR and immediately push). I > think we should be consistent and for all active branches that we care > about we should require approval. > > On Tue, Apr 14, 2026 at 1:36 PM Jean-Baptiste Onofré <[email protected]> > wrote: > > > > Hi > > > > No you can manipulate everything via gh pr CLI (going via the github > API). > > I rarely use the github web ui (mostly using gh cli). > > > > I think that signed commits is a separate discussion, I like it. > > > > Regards > > JB > > > > Le mar. 14 avr. 2026 à 19:28, Matt Pavlovich <[email protected]> a > écrit : > > > > > Does this require the merge to be done via the Web UI? My only concern > > > there is that means that those merge commits cannot be signed. > > > > > > I feel we should be working towards signed commits by author for a > > > stronger supply chain security posture. > > > > > > Thanks, > > > Matt > > > > > > > On Apr 14, 2026, at 12:17 PM, Jean-Baptiste Onofré <[email protected]> > > > wrote: > > > > > > > > Hi everyone, > > > > > > > > Branch protection was enabled on the main branch on January 10, and > > > > subsequently applied to the activemq-6.2.x and activemq-5.19.x > branches > > > on > > > > February 19. > > > > > > > > As this impacts all contributors, this is a topic we should have > > > discussed > > > > collectively. I apologize for not bringing it to the list sooner. > > > > > > > > You can view the current configuration here: > > > > https://github.com/apache/activemq/blob/main/.asf.yaml#L40 > > > > > > > > Under this configuration: > > > > > > > > 1. Direct pushes are no longer permitted (including via GitBox). All > > > > changes must go through a PR. > > > > 2. Every PR requires at least one approval to be merged. > > > > > > > > The goals of these changes are to: > > > > > > > > 1. Increase overall quality through peer reviews. > > > > 2. Foster better collaboration. > > > > 3. Improve the onboarding experience for new contributors via > guidance > > > and > > > > feedback. > > > > 4. Ensure CI validation before merging (which was previously > disabled due > > > > to flaky tests). > > > > > > > > I recognize this represents a shift in our workflow, specifically > because > > > > direct pushes are restricted and even minor changes now require a > PR. For > > > > rare cases where a direct push is necessary (such as updating build > > > > contexts in .asf.yaml), we can coordinate with Infra to temporarily > relax > > > > these protections. > > > > > > > > Personally, after three months of using this workflow, I have seen > many > > > > positive results. However, if you have concerns, please share your > > > comments > > > > so we can discuss whether to adjust or disable these settings. > > > > > > > > Thanks > > > > Regards, > > > > JB > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > For further information, visit: https://activemq.apache.org/contact > > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > For further information, visit: https://activemq.apache.org/contact > > >
